Message ID | 4E1C6D6A.7070308@canonical.com |
---|---|
State | New |
Headers | show |
On 07/12/2011 09:51 AM, Paolo Pisati wrote: > On 07/12/2011 11:01 AM, Stefan Bader wrote: >> On 11.07.2011 18:14, Tim Gardner wrote: >>> On 07/11/2011 10:03 AM, Paolo Pisati wrote: >>>> On 07/11/2011 05:23 PM, Tim Gardner wrote: >>>>> >>>>> While researching these patches I stumbled across some further analysis >>>>> of this vulnerability by Eugene Teo at >>>>> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4251 in which he >>>>> includes a 2.6.35 patch from Eric Duzamet which really, really fixes the >>>>> problem. >>>> >>>> you mean c377411f24 ("net: sk_add_backlog() take rmem_alloc into >>>> account")? saw that, and is handled in another CVE in our db >>>> (CVE-2010-4805), so i wanted to issue a subsequent pull. >>>> >>> >>> Since both CVEs address the same issue, I wonder if we shouldn't just fix them >>> in the same patch set. Perhaps mark CVE-2010-4251 as a duplicate of CVE-2010-4805 ? >>> >>> rtg >> >> If it really is the same patch fixing both, it would be possible to have both >> cves referenced there. As it sounds like they got another cve number for fixing >> the fix it sounds more like a matter of submission. >> It should work if Paolo marked the respective patches with the matching cve but >> submitted them as one review. And anything prerequisite gets the cve number of >> whatever was the first that needed it to apply... > > let's do it in a single pull, shall we? > > The following changes since commit 24292e1c2aa8faa18b39e090a5c41cc51626e069: > > Linux 2.6.32.42+drm33.19 (2011-07-08 06:51:06 -0600) > > are available in the git repository at: > git://kernel.ubuntu.com/ppisati/ubuntu-lucid.git master-next > > Eric Dumazet (4): > ipv6: udp: Optimise multicast reception > ipv4: udp: Optimise multicast reception > udp: multicast RX should increment SNMP/sk_drops counter in > allocation failures CVE-2010-4251 > net: sk_add_backlog() take rmem_alloc into account CVE-2010-4805 > > Zhu Yi (8): > net: add limit for socket backlog CVE-2010-4251 > tcp: use limited socket backlog CVE-2010-4251 > udp: use limited socket backlog CVE-2010-4251 > llc: use limited socket backlog CVE-2010-4251 > sctp: use limited socket backlog CVE-2010-4251 > tipc: use limited socket backlog CVE-2010-4251 > x25: use limited socket backlog CVE-2010-4251 > net: backlog functions rename CVE-2010-4251 > > include/net/sock.h | 26 +++++++++++- > net/core/sock.c | 19 ++++++++- > net/dccp/minisocks.c | 2 +- > net/ipv4/tcp_ipv4.c | 6 ++- > net/ipv4/tcp_minisocks.c | 2 +- > net/ipv4/udp.c | 96 > ++++++++++++++++++++++++++++++++------------- > net/ipv6/tcp_ipv6.c | 6 ++- > net/ipv6/udp.c | 97 > +++++++++++++++++++++++++++++++++------------ > net/llc/llc_c_ac.c | 2 +- > net/llc/llc_conn.c | 3 +- > net/sctp/input.c | 42 +++++++++++++------- > net/tipc/socket.c | 6 ++- > net/x25/x25_dev.c | 2 +- > 13 files changed, 225 insertions(+), 84 deletions(-) > > Same as the previous patch series, plus the 2010-4805 patch. >